* Group cites "credible intelligence" of possible attack
* JPMorgan Chase is second U.S. bank in two days with issues
* Bank of America problems followed threat on Internet
* Comes in wake of FBI warning on cyber attacks
By Jim Finkle and David Henry
Sept 19 A financial services industry group
warned U.S. banks, brokerages and insurers on Wednesday to be on
heightened alert for cyber attacks after Bank of America and
JPMorgan Chase experienced unexplained outages on their public
The Financial Services Information Sharing and Analysis
Center, which is widely known as FS-ISAC, raised the cyber
threat level to "high" from "elevated" in an advisory to
members, citing "recent credible intelligence regarding the
potential" for cyber attacks as its reason for the move.
The problems with the websites at the two banks came after
an unidentified person posted a statement on the Internet
threatening to attack Bank of America and the New York Stock
Exchange as a "first step" in a campaign against U.S.
companies. The posting said the attacks would continue until the
film that had stirred up anti-U.S. protests across the Middle
East was "erased" from the Internet.
It was not possible to identify the person who posted the
statement. Nor was it clear if the threat had anything to do
with the issues at either of the two banks.
Dan Holden, director of security research at Arbor Networks,
said that several U.S. banks were under assault by a distributed
denial of service (DDoS) campaign. He declined to identify them
An outside security contractor who was familiar with the
attacks said that they were "massive" in scope.
Denial-of-service attacks seek to disrupt websites and other
computer systems at the targeted organization by overwhelming
their networks with computer traffic.
The move by FS-ISAC came just two days the FBI published a
"fraud alert" advising financial services firms that cyber
criminals may be disrupting service to their websites in a bid
to keep banks from noticing a recent surge in fraudulent
large-sized wire transfers. ()
"Often these DDoS attacks are part of a more sophisticated
blended threat - One that utilizes DDoS as a diversion for more
complex, difficult to detect techniques with the intention to
extract customer data or financial information," said Holden of
An FBI spokeswoman declined to say if the tactics cited in
the fraud alert were related to the problems experienced by the
On Wednesday the consumer banking website of JPMorgan Chase
& Co was intermittently unavailable to some customers.
The problems followed issues with the website of Bank of America
Corp on Tuesday amid threats on the Internet that a
group was planning to launch cyber attacks on a U.S. bank.
JPMorgan Chase spokesman Patrick Linehan said: "We're
experiencing intermittent issues with Chase.com. We apologize
for any inconvenience and are working to restore full
A Bank of America spokesman reported no continuing problems
on Wednesday. "Our online banking services have been, and are,
up and running," Mark Pipitone said. "The vast majority of our
customers have not experienced any issues."
'ENSURE CONSTANT DILIGENCE'
The short advisory from the industry group urged banks and
other industry members to "ensure constant diligence in
monitoring and quick response to any malicious events."
The Reston, Virginia-based group is owned by dozens of
firms, including the two banks, as well as Citigroup Inc,
Goldman Sachs Group Inc and Morgan Stanley.
Insurers including American International Group,
Allstate Corp and State Farm Insurance also belong to
the group, as do credit card companies MasterCard Inc and
The advisory also cited a warning from Microsoft Corp
that hackers have attacked some of its customers by
means of a security bug in its widely used Internet Explorer
Microsoft has yet to release software to fix that security
flaw. The German government advised the public to stop using
Internet Explorer until an update is released. The U.S.
Department of Homeland Security has advised users to follow
steps recommended by Microsoft to reduce the risk of attacks but
noted that those measures may not fully secure the browser.
The warning from FS-ISAC comes as the Obama Administration
is considering issuing an executive order that could instruct
government agencies to take action to help better protect the
nation's critical infrastructure from cyber attacks.
Legislation that would strengthen the government's ability
to help secure private networks has so far been stalled in
Congress by groups concerned about privacy issues as well as
business groups that oppose increased regulation of their
Senator Jay Rockefeller, who heads the Senate Commerce
Committee, on Wednesday sent letters to the 500 biggest U.S.
companies, challenging them to improve their computer security.
He blamed the defeat of the legislation on concerns raised by "a
handful of business lobbying groups and trade associations."
He asked the companies to identify their own best practices
and to spell out their concerns about government-conducted risk
assessments that were part of the cyber security bill. He warned
that the companies could face "reactive and overly prescriptive
legislation" if nothing were done until some cyber disaster.
During a speech to the annual Air Force Association
conference, Deputy Defense Secretary Ashton Carter complained
that businesses are not doing enough to protect their own
networks, saying he was disappointed that the legislation has
not passed Congress.
Officials with FS-ISAC could not be reached to comment on
the decision to raise its cyber threat level. A spokesman for
the Department of Homeland Security declined to comment on the
advisory from the industry group.